53.2. Adding a Webmin Server
To add a new server to this module, either to provide a link to it or so that it can be managed with one of the Cluster group modules, follow these steps:
1. | Click on the Register a new server link on the main page above or below the existing icons. |
2. | In the Hostname field, enter the Internet hostname or IP address of the other server, such as server.example.com. |
3. | In the Port field, enter the port that Webmin is listening on—usually 10000. |
4. | From the Server type menu, choose the operating system that the other host runs. This only sets the icon that will be used to represent the server. |
5. | If the other Webmin server is in SSL mode, select Yes in the SSL server? field. This option can only be used if the master system has the Net::SSLeay Perl module and the OpenSSL library installed so it can make a client-mode SSL connection. |
6. | When the Description field is set to From hostname and port, the server's hostname and port number are shown under its icon on the module's main page. You can, however, select the second option and enter an alternate description to be shown instead, such as Corporate Web Server. |
7. | Servers defined in this module can be categorized into groups for easier addition in the Cluster category modules. In the Member of server group field you can select one of the following options: None The system you are adding will not be in any group. Existing group If some groups have already been defined, this server will be in the group selected from the menu next to this option. If no groups exist yet, this option will not even appear. New group The server will be added to the new group whose name you enter in the adjacent text field. A group will cease to exist as soon as all of the servers in it have been deleted or changed to another group. |
8. | The Link type field is possibly the most important on this form, as it determines if the new server can be used in the Cluster modules and the System and Server Status module. It also determines whether the icon is a normal link or a tunnel. Your options are: Normal link to server RPC calls cannot be made to the other server and the icon on the module's main page will just be a normal web link. If the system is running some other web server-specified port, you should select this option. Login via Webmin with username This option must be chosen if you want to use Webmin's RPC features to control this server, such as with the Cluster category modules. If selected, you must enter a username and password for Webmin on the remote host into the fields next to it. The user should be root or admin because other Webmin users are not, by default, allowed to receive RPC calls unless specifically authorized to do so. RPC can be used to run any command or modify any file on a server, which is why access to it must not be granted to untrusted Webmin users. If this mode is chosen, the server's icon on the main page will be a tunnel that automatically logs whoever clicks on it into the remote server as the specified user. Login when icon is clicked on If this option is chosen, the server cannot be used for RPC, but its icon will still be a tunnel to the remote host. When first clicked on, it will prompt the user for a login and password for the remote system, which will be stored in a cookie in the user's browser. This option is handy if you want various users to be able to make use of the tunneling feature, but still log in to the remote system as themselves. |
9. | If Login via Webmin with username was selected above, the Make fast RPC
calls? field determines whether the new fast RPC protocol will be used or the older slow protocol. You can either select Yes to force the use of fast mode, No to force slow mode, or Decide automatically to have Webmin use fast mode only if it is available. If the automatic option is chosen, and the server cannot be contacted or logged into, an error message will be displayed when you hit the Create button later. Versions of Webmin before 0.89 did not support the fast protocol, but most systems should have been upgraded beyond that by now. You will generally want to use the faster mode all the time, unless a firewall is blocking the direct TCP connections that it uses. See Section 53.6 “How RPC Works” for more details on the differences between the two modes. |
10. | Finally, hit the Create button to add this new server. As long as there were no errors in the form you will return to the module's main page, which should include a new icon. |
The icons for servers not created in Normal link to server mode will actually be links to a program on this master server that connects to the remote system for you. This can actually be useful if your master server is accessible from the Internet but internal hosts are not. For example, if you only have a single Internet IP address and are using NAT. When you access those internal servers by clicking on their icons in this module on the master system, your browser is really only connecting to the master server, which is then tunneling the requests though to the chosen slave.
On a Webmin system with multiple users, you should be careful about giving access to this module to untrusted users. Anyone who can click on an icon for a server in Login via Webmin with username mode will be connected to the remote system as the user specified for that server, not himself. This will probably allow him to do things with root privileges on that remote host that he would not be able to do on the master system.
Section 53.7 “Module Access Control” explains how you can control which server icons a particular user can use, so that untrusted people can be limited to those in the safe Normal link to server or Login when icon is clicked on modes.